GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,721
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,946
NuGet
711
pip
3,723
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
298 advisories
Filter by severity
Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound...
Critical
Unreviewed
CVE-2022-23884
was published
Mar 29, 2022
Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in...
Critical
Unreviewed
CVE-2009-0947
was published
Apr 21, 2022
An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing...
Critical
Unreviewed
CVE-2017-2892
was published
May 13, 2022
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of...
Critical
Unreviewed
CVE-2017-2921
was published
May 13, 2022
Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP...
Critical
Unreviewed
CVE-2016-4345
was published
May 17, 2022
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects...
Critical
Unreviewed
CVE-2016-9063
was published
May 14, 2022
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and...
Critical
Unreviewed
CVE-2017-9120
was published
May 14, 2022
Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows...
Critical
Unreviewed
CVE-2016-4346
was published
May 14, 2022
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in...
Critical
Unreviewed
CVE-2016-5770
was published
May 14, 2022
Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows...
Critical
Unreviewed
CVE-2016-4344
was published
May 17, 2022
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote...
Critical
Unreviewed
CVE-2020-28020
was published
May 24, 2022
An integer overflow was addressed with improved input validation. This issue is fixed in Security...
Critical
Unreviewed
CVE-2022-26775
was published
May 27, 2022
A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality...
Critical
Unreviewed
CVE-2021-21795
was published
May 24, 2022
An integer overflow issue was addressed with improved input validation. This issue is fixed in...
Critical
Unreviewed
CVE-2022-26711
was published
May 27, 2022
Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile...
Critical
Unreviewed
CVE-2022-25651
was published
Jun 15, 2022
Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM)...
Critical
Unreviewed
CVE-2023-0077
was published
Jan 5, 2023
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32...
Critical
Unreviewed
CVE-2022-22721
was published
Mar 15, 2022
Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC...
Critical
Unreviewed
CVE-2016-6999
was published
May 17, 2022
Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have...
Critical
Unreviewed
CVE-2016-6872
was published
May 17, 2022
WolfSSH v1.4.7 was discovered to contain an integer overflow via the function...
Critical
Unreviewed
CVE-2022-32073
was published
Jul 14, 2022
Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified...
Critical
Unreviewed
CVE-2016-6871
was published
May 17, 2022
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e...
Critical
Unreviewed
CVE-2020-28017
was published
May 24, 2022
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to...
Critical
Unreviewed
CVE-2016-5841
was published
May 17, 2022
Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a...
Critical
Unreviewed
CVE-2016-8438
was published
May 17, 2022
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before...
Critical
Unreviewed
CVE-2016-5769
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API